-
Notifications
You must be signed in to change notification settings - Fork 7
Open
Labels
enhancementNew feature or requestNew feature or request
Description
Currently, the various OIDC-related API endpoints are hardcoded in the Provider's constructor:
data['authorization_endpoint'] = `${issuer}/authorize`
data['token_endpoint'] = `${issuer}/token`
data['userinfo_endpoint'] = `${issuer}/userinfo`
data['jwks_uri'] = `${issuer}/jwks`
data['registration_endpoint'] = `${issuer}/register`
data['check_session_iframe'] = `${issuer}/session`
data['end_session_endpoint'] = `${issuer}/logout`
(This also affects how they're advertised in .well-known/openid-configuration
).
It would be preferable to allow a consumer app to specify which URI path to mount these endpoints on. Sort of like:
let provider = new Provider({
issuer: 'https://example.com',
mount: '/oidc/'
})
// -> which would lead to:
// https://example.com/oidc/authorize
// https://example.com/oidc/token
// https://example.com/oidc/userinfo
// etc
Note: This is only a refactoring of the provider's discover()
functionality, not anything to do with OP express routes.
Metadata
Metadata
Assignees
Labels
enhancementNew feature or requestNew feature or request